Oracle Database Exadata Cloud Service

Progress DataDirect for ODBC for Oracle Wire Protocol Driver

An asterisk (*) indicates support that was added in a hotfix or software patch subsequent to a release.

Version 8.0.2

Platform Certifications

Red Hat Enterprise 7.3 (driver version 08.01.2073 (B0259, U0174))

Windows Server 2016 (driver version 08.01.2047 (B0226, U0145))

Support for the following platforms is now generally available:

HP-UX IPF (32 and 64-bit)

HP-UX PA-RISC (32-bit)

Oracle Solaris x86 (32- and 64-bit)

Oracle Solaris on SPARC (32- and 64-bit)

Support for the Intel Itanium II (IPF) processor on the following 64-bit Linux platforms is now generally available:

CentOS Linux

Oracle Linux

Red Hat Enterprise Linux

Database Certifications

Oracle 18c R1 (18.1) (driver version 08.02.2114 (B0330, U0219))*

Oracle 12c R2 (12.2) (driver version 008.01.2067 (B0252, U0168))

Enhancements

The driver has been enhanced to support connecting to a proxy server through
an HTTP connection. HTTP proxy support is configurable with the new Proxy Host,
Proxy Mode, Proxy Password, Proxy Port, and Proxy User connection options.*
Note: The driver does not currently support SSL data encryption for HTTP proxy connections.

The driver has been enhanced with the new Impersonate User connection option
that allows you to specify the proxy user ID used for impersonation. The user
ID specified using this option determines your permissions and identity when
executing queries.*

The driver has been enhanced to support using the default Service Name or SID
specified in the server-side listener.ora file.*

The setting of the Array Size option can now be overridden by specifying the
number of rows to fetch using the SQL_ATTR_ROW_ARRAY_SIZE statement attribute.*

Support for Oracle Database Exadata Cloud Service*

The driver has been updated with OpenSSL library version 1.0.2n, which addresses the following security vulnerabilities:*

rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)

Read/write after SSL object in error state (CVE-2017-3737)

bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)

Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

Version 1.0.2n also addresses the following vulnerabilities resolved by earlier versions of the library.

Using Oracle Wallet as a keystore or truststore for SSL data encryption.

The driver has been certified to use Oracle Internet Directory as a means to store authentication information.

The Oracle driver has been enhanced to support the following new data integrity algorithms for Oracle 12c and higher: SHA256, SHA384, SHA512. To use these algorithms, specify their values using the Data Integrity Types connection option and enable data integrity checks with the Data Integrity Level connection option.

The maximum supported length of identifiers has been increased to 128 bytes when connecting to Oracle 12c R2 (12.2) databases. This change has been implemented to reflect the new maximum length supported by the server.

Changed Behavior

The default value for the Data Integrity Types connection option has changed to the following:

MD5,SHA1,SHA256,SHA384,SHA512

Version 8.0.1

Certifications

Debian Linux 7.11, 8.5 (driver version 07.15.0159 (B0270, U0182))

Ubuntu Linux 14.04, 16.04 (driver version 07.15.0159 (B0270, U0182))

macOS v10.12.x (Sierra) (driver version 08.01.1068 (B0000, U1068))

Enhancements

The driver has been updated with OpenSSL library version 1.0.2k.*
Note: OpenSSL library 1.0.2k has been replaced with version 1.0.2n.

Support for the Oracle 12 and 12a authentication protocols, which provide improved security.

Support for returning implicit result sets from stored procedures.

The driver is now compiled using Visual Studio 2015 for improved security.

The new SDU Size connection option allows you to specify the size in bytes of the Session Data Unit (SDU) that the driver requests when connecting to the server.

The new Support Binary XML connection option enables the driver to support XMLType with binary storage on servers running Oracle 12c and higher.

The new LOB Prefetch Size connection option allows you to specify the size of prefetch data the driver returns for BLOBs and CLOBs for Oracle database versions 12.1.0.1 and higher. With LOB prefetch enabled, the driver can return LOB meta-data and the beginning of LOB data along with the LOB locator during a fetch operation. This can have significant performance impact, especially for small LOBs which can potentially be entirely prefetched, because the data is available without having to go through the LOB protocol.

Changed Behavior

The Enable N-CHAR Support connection option has been deprecated, and the driver behavior has been updated to always provide support for the N-types NCHAR, NVARCHAR2 and NCLOB. For compatibility purposes, the EnableNcharSupport attribute can still be manually specified for this release, but will be deprecated in subsequent versions of the product.

The Enable Timestamp with Timezone connection option has been deprecated, and the driver behavior has been updated to always expose timestamps with timezones to the application. For compatibility purposes, the EnableTimestampwithTimezone attribute can still be manually specified for this release, but it will be deprecated in subsequent versions of the product.

The default value for the Data Integrity Level connection option has been updated to 1 (Accepted). By default, a data integrity check can now be made on data sent between the driver and the database server, if the server request or requires it. This change allows the driver to connect to servers requiring Oracle Advanced Security data integrity checks using the default configuration.

The default value for the Encryption Level connection option has been updated to
1 (Accepted). By default, encryption is now used on data sent between the driver and the database server if the database server requests or requires it. This change allows the driver to connect to servers requiring Oracle Advanced Security encryption using the default configuration.

Version 8.0.0

New Progress DataDirect for ODBC for Oracle Wire Protocol Driver on macOS Platforms

Platform Certifications

Mac OS X v10.11.x (El Capitan)

Mac OS X v10.10.x (Yosemite)

Mac OS X v10.9.x (Mavericks)

Database Certifications

Oracle 12c R1 (12.1)

Oracle 11g R1, R2 (11.1, 11.2)

Oracle 10g R1, R2 (10.1, 10.2)

Oracle9i R2 (9.2)

Oracle8i R3 (8.1.7)

Enhancements

The default OpenSSL library version has been updated to 1.0.2j.
Note: OpenSSL library 1.0.2k has been replaced with version 1.0.2n.

Enhancements

The default OpenSSL library version has been updated to 1.0.2j.*
Note: OpenSSL library 1.0.2j has been replaced with version 1.0.2n.

The default OpenSSL library version has been updated to 1.0.2h.*
Note: OpenSSL library 1.0.2h has been replaced with version 1.0.2n.

The default OpenSSL library version has been updated to 1.0.2g.*
Note: OpenSSL library 1.0.2g has been replaced with version 1.0.2n.

The default OpenSSL library version has been updated to 1.0.2f.
Note: OpenSSL library 1.0.2f has been replaced with version 1.0.2n.

The new CryptoLibName and SSLLibName connection options allow you to
designate the OpenSSL libraries used when SSL is enabled.

Version 7.1.5

Certifications

Certified with Red Hat Enterprise 7.0

Certified with CentOS Linux 7.0

Certified with Oracle Linux 7.0

Enhancements

The OpenSSL library was upgraded to version 1.0.0r, which fixes the
CVE‐2015‐0204 (FREAK) vulnerability. See "RSA silently downgrades
to EXPORT_RSA [Client] (CVE‐2015‐0204)" athttps://www.openssl.org/news/secadv_20150108.txt for more
information.

The new PRNGSeedSource connection option allows you to specifies whether the
driver uses a file or the RAND_poll function as the seed source for SSL key generation.

The new PRNGSeedFile connection option allows you to specify the entropy‐source file or device used as a seed for SSL key generation.

The new Crypto Protocol Version connection option allows you to specify the cryptographic protocols used when SSL is enabled. This option can be used to avoid vulnerabilities associated with SSLv3 and SSLv2, including the POODLE vulnerability.

Version 7.1.4

Certifications

Certified with Windows 8.1

Enhancements

The new KeepAlive connection option allows you to
use TCP Keep Alive to maintain idle TCP connections.

Progress, Telerik, and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.